Configuration Management SPIE-2003

  • 7/28/2019 Configuration Management SPIE-2003

    Configuration Management

    Supplement 67

    Robert Horn, Agfa Healthcare

    Configuration Management

    The Problem Being Solved

    Use Cases

    Sup. 67 DICOM Configuration Management

    The Problem Being Solved

    Installation of DICOM equipment

      Takes too long

      Requires too much effort

      Requires time consuming, multi-vendor coordination

      Involves too many mistakes

    Upgrading and repairing DICOM equipment

      Requires too much service effort for configuration tasks that are unrelated to the problem being solved.

      Configuration complexity prevents customer self-help for simple problems

    Use cases

    Add a new machine

    Locate Actor, IP, AE-title, Security information

    Single node power up and establish configuration

    Time Synchronization

    Network Services

    DHCP

      Assigns IP address, hostname

      Informs DNS of assignment

      Provides routing, NTP, DNS, etc. information to client

    DNS

      Provides hostname to IP lookup services

      Provides server location lookup services

    NTP

      Provides accurate time and time synchronization

      See www.ntp.org for descriptions, software, evaluation, and configuration guidance.

    LDAP

    Very Widespread use,

    No surprises to the IT staff

    Large base of trained users and administrators

    Large base of software clients

    Support by Microsoft, Unix, Open Source

    Support for federated databases

    Easy to extend by adding schema

    Infrastructure requirements

    DHCP, DNS, NTP, LDAP may be on one host, or may be on multiple hosts.

    Normal network design issues, nothing special for the DHCP, DNS and NTP services.

    LDAP is increasingly integrated into IT operations. This makes its use for configuration management more attractive, but means a greater planning involvement with the IT organization.

    Beyond AE-Titles

    Installation and Network Configuration oriented

    Locate Application given the AE-title

    TCP/IP parameters

    AE Configuration

    SOP Classes supported (SCU/SCP, Transfer Syntaxes)

    Vendor extension

    Obtain new unique AE-Title

    Device Configuration

    Description

    Vendor extension

    Hospital extension

    Preconfigured Installation

    [Figure: diagram with the labels Vendor A Preparation, Vendor B Preparation, Prepared Configurations, LDIF, Network Planning, IT Organization, LDAP, DHCP]

    Add another machine

    DHCP

    LDAP

    DNS

    Get IP, hostname, etc.

    Find LDAP Server

    Query Configuration

    Obtain Unique AE Titles

    Update Configuration

    Install Hardware

    Assign Name

    Configure System

    Customer Assisted Maintenance

    Simple device swap

    Remote reconfiguration

    Local reconfiguration

    Present Supplement Status

    Supplement 67 Proposed for Frozen Draft

    Could be updated and final by September or October.

    Configuration Management

    Actors

    [Figure: actor and transaction diagram]

    Client actors: NTP Client, SNTP Client, DHCP Client, DNS Client, LDAP Client

    Server actors: NTP Server, DHCP Server, DNS Server, LDAP Server

    Transactions: Find NTP Server (DHCP) OR Find NTP Server (Broadcast), Maintain Time, Find and Use DHCP Server, Maintain Lease, DDNS Coordination, Resolve Hostname, Find LDAP Server, Query LDAP Server, Client Update LDAP Server

    One or more Client actors will be in the same device

    One or more Server actors may be in the same device

    LDAP Schema

    [Figure: schema hierarchy]

    DICOM Configuration

      Unique AE Titles Registry

        Individual AE Title

        This portion is used to provide unique AE titles automatically.

      Devices: Vendor Information, Certificates, Device Configuration parameters, etc.

        Network AE: AE-Title, Description, AE Configuration parameters, etc.

          Transfer Capability: SCU/SCP, Hostname, Port, etc.

    LDAP Schema

    ## The following attribute types are defined in this document:
    #
    # Name                                     Syntax   Multiplicity
    # ---------------------------------------- -------- ------------
    # dicomDeviceName                          string   Single
    # dicomDescription                         string   Single
    # dicomManufacturer                        string   Single
    # dicomManufacturerModelName               string   Single
    # dicomVersion                             string   Multiple
    # dicomVendorData                          binary   Multiple
    # dicomAETitle                             string   Single
    # dicomNetworkConnectionReference          DN       Multiple
    # dicomApplicationCluster                  string   Multiple
    # dicomAssociationInitiator                bool     Single
    # dicomAssociationAcceptor                 bool     Single
    # dicomHostname                            string   Single
    # dicomPort                                Integer  Single
    # dicomSOPClass                            OID      Single
    # dicomTransferRole                        string   Single
    # dicomTransferSyntax                      OID      Multiple
    # dicomPrimaryDeviceType                   string   Multiple
    # dicomRelatedDeviceReference              DN       Multiple
    # dicomPeerAETitle                         string   Multiple
    # dicomTLSCipherSuite                      string   Multiple
    # dicomAuthorizedNodeCertificateReference  DN       Multiple
    # dicomThisNodeCertificateReference        DN       Multiple
    # dicomInstalled                           bool     Single
    #

    Example of attribute definition

    # 3.1 dicomDeviceName string Single
    #
    # This attribute stores the unique name (within the scope of the LDAP database)
    # for a DICOM Device.
    #
    # It is a single-valued attribute.
    # This attribute's syntax is 'Directory String'.
    # Its case is not significant for equality and substring matches.
    #
    attributetype ( 1.2.840.10008.15.0.3.1
        NAME 'dicomDeviceName'
        DESC 'The unique name for the device'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

    Objects Defined

    # The following object classes are defined in this document. All are
    # structural classes.
    #
    # Name                            Description
    # ------------------------------- --------------------------
    # dicomConfigurationRoot          root of the DICOM Configuration Hierarchy
    # dicomDevicesRoot                root of the DICOM Devices Hierarchy
    # dicomUniqueAETitlesRegistryRoot root of the Unique DICOM AE-Titles Registry Hierarchy
    # dicomDevice                     Devices
    # dicomNetworkAE                  Network AE
    # dicomNetworkConnection          Network Connections
    # dicomUniqueAETitle              Unique AE Title
    # dicomTransferCapability         Transfer Capability

    Example of Object Definition

    #
    # 4.4 dicomDevice
    #
    # This structural object class represents a DICOM Device.
    #
    objectclass ( 1.2.840.10008.15.0.4.4
        NAME 'dicomDevice'
        DESC 'DICOM Device related information'
        SUP top
        STRUCTURAL
        MUST (
            dicomDeviceName $
            dicomInstalled )
        MAY (
            dicomDescription $
            dicomManufacturer $
            dicomManufacturerModelName $
            dicomVersion $
            dicomVendorData $
            dicomPrimaryDeviceType $
            dicomRelatedDeviceReference $
            dicomAuthorizedNodeCertificateReference $
            dicomThisNodeCertificateReference ) )
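
As an added example (not part of the original slides or of Supplement 67), the Python below reads the MUST and MAY lists out of the dicomDevice object class shown above and checks prepared LDIF records against them, together with the Single multiplicities from the attribute table, before the records are loaded into the LDAP server. The sample records, their DNs and the function names are constructed for illustration, and the parser assumes simple LDIF without line folding or base64 values.

```python
import re

# Object class text from the slide above (OpenLDAP schema-file syntax).
DICOM_DEVICE = """objectclass ( 1.2.840.10008.15.0.4.4
  NAME 'dicomDevice' DESC 'DICOM Device related information' SUP top STRUCTURAL
  MUST ( dicomDeviceName $ dicomInstalled )
  MAY ( dicomDescription $ dicomManufacturer $ dicomManufacturerModelName $ dicomVersion $
    dicomVendorData $ dicomPrimaryDeviceType $ dicomRelatedDeviceReference $
    dicomAuthorizedNodeCertificateReference $ dicomThisNodeCertificateReference ) )"""
# dicomDevice attributes that the slides' attribute table lists as Single.
SINGLE = {"dicomdevicename", "dicomdescription", "dicommanufacturer",
          "dicommanufacturermodelname", "dicominstalled"}
# Constructed sample records; device names and DNs are made up for this example.
GOOD = """dn: dicomDeviceName=CT-ROOM-2,cn=Devices,cn=DICOM Configuration,dc=example,dc=org
objectClass: dicomDevice
dicomDeviceName: CT-ROOM-2
dicomInstalled: TRUE
dicomManufacturer: Example Vendor A"""
BAD = """dn: dicomDeviceName=MR-1,cn=Devices,cn=DICOM Configuration,dc=example,dc=org
objectClass: dicomDevice
dicomDeviceName: MR-1
dicomDeviceName: MR-ONE
dicomAETitle: MR1"""

def attr_list(schema, keyword):
    """Lower-cased attribute names inside a MUST ( ... ) or MAY ( ... ) list."""
    m = re.search(r"\b%s\s*\(([^)]*)\)" % keyword, schema)
    return {a.strip().lower() for a in m.group(1).split("$")} if m else set()

def parse_ldif_entry(text):
    """Parse one simple LDIF record (no folding, no base64) into {attr: [values]}."""
    entry = {}
    for line in text.strip().splitlines():
        if ":" in line and not line.startswith("#"):
            name, value = line.split(":", 1)
            entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def check_device(ldif_text, schema=DICOM_DEVICE):
    """Return a sorted list of schema problems for one dicomDevice record."""
    entry = parse_ldif_entry(ldif_text)
    must, may = attr_list(schema, "MUST"), attr_list(schema, "MAY")
    allowed = must | may | {"dn", "objectclass"}
    problems = ["missing required " + a for a in must if a not in entry]
    problems += ["not in dicomDevice schema: " + a for a in entry if a not in allowed]
    problems += ["multiple values for single-valued " + a
                 for a in SINGLE if len(entry.get(a, [])) > 1]
    return sorted(problems)

print(check_device(GOOD), check_device(BAD))
```

The BAD record fails on all three checks: dicomInstalled is absent, dicomDeviceName appears twice, and dicomAETitle is a valid attribute name in the schema but is not in the dicomDevice MUST or MAY lists.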

    Use of LDAP Schema

    Schema text from the supplement in the format used to configure generic LDAP servers

    Cut and paste from supplement into server configuration file tested and verified

    Local extension by modifying schema

    Purpose of Frozen Draft

    Find any remaining flaws in the Frozen Draft

      In-house experience at several companies revealed flaws in the public comment version.

      The flaws only became apparent during the development of trial versions.

    Inter-company trials are expected to reveal other flaws in the Frozen Draft version

      The trials are not exploring implementation compatibility, only clarity of the standard

      The trials are not a compatibility connectathon

      The Committee for Advancement of DICOM is organizing a small group of trial implementations.

    Future additions

    Security parameter distribution

      LDAP is one of the mechanisms for distributing PKI information for key management.